LogonBox SSPR 2.3.15 – What You Need To Know

Posted on by Lee Painter

Introduction

The LogonBox team is pleased to announce the immediate availability of LogonBox SSPR 2.3.15. This release includes performance fixes, more effectively targeted password expired emails, and an update to the LogonBox Password Manager browser extension.

Performance Improvements

In this release, we have optimized several database calls. Many database queries were taking a few seconds each. These queries are in use on many pages, which results in slow page load times (sometimes several seconds).

After the changes, these same queries run too fast to get accurate timing information when benchmarking.

These optimizations have resulted in pages loading up to 10 times faster than before (notably the Tenants/Realms pages), but this has also had a positive effect in many other areas, which should give a snappier feel to the whole UI in general.

More effective targeting of password expired emails

Two options are now available in the password expired message template based on customer feedback to help you control to which accounts the server sends password expired notifications.

  • A new option is available to only send expired notifications for a defined number of days after a password expiry.

This setting is in Messages->Password Expired template->Maximum expiry emails age (Default 30 days).

  • Another option is available for sending expired notifications to active users only.

This setting is in Messages->Password Expired template->Only send to active users.

With this option enabled, password expired messages will only send to users with a completed profile (i.e., users who have configured their accounts to perform password resets via the LogonBox service).

Updated browser extension for password management

The LogonBox Password Manager browser extension has had a few updates, including:

  • Clicking ‘Never’ when prompted to save credentials works as expected
  • New UI and better dynamically generated icons
  • You can now share any of your passwords with other LogonBox users from the green options button
  • Show number of items on a page is now persistent across sessions
  • Users can create a directory tree under Personal Folders in My Resources->My Passwords in the web UI.
  • Passwords shared with me display in the browser under “Passwords shared with Me” in the folder structure the original user created.

Subject Alternative Name (SAN) support added to SSL certificates

When creating a new certificate, your CN will automatically add a SAN entry for better compatibility with CAs. There is a new SAN field to allow you to add any number of extra SAN hosts.

This feature should give broader compatibility with more certificate authorities as many now require a SAN entry to be present in the CSR you send to them.

Banner text on the main portal page

It has always been possible to add a Logon Banner to the My Account page if you want to add a message during login for your users.

Based on customer feedback, it is now possible to add another message to the initial portal page that all users will see.

The settings for this are in Authentication Flows->Authentication Options->Portal Options->Portal Banner.

You can position the message above or below the portal buttons with the ‘Banner on top of page’ option.

Upgrade Instructions

You can upgrade either from the web UI or the operating system directly.

To upgrade from the web UI, log on with your admin account, navigate to Server Status from the main dashboard and click Update. You may also be prompted for this automatically on login if you have Updates, Features & Licensing->Update Prompt turned on.

To upgrade from the operating system:

On Windows – download the new installer, run the installer, and follow the prompts.

On a LogonBox VM – from a shell, type in:

apt update

apt upgrade

Our support team will be upgrading Cloud customers over the coming week.

Changes

Here is a summary of the changes in this release.

Features

  • Optimizing database queries has made significant improvements to UI page load performance.
  • Subject Alternative Name (SAN) support added to SSL certificates.
  • Added option for banner text to be added to the main portal page.
  • Added an option to only send password expired emails to recently expired emails.
  • Added an option to send password expired emails to active users only.
  • Improvements made to password manager browser extension

Bugs

  • UI elements should no longer duplicate if you click on a different menu while editing a resource.
  • Daily profile statistics messages are now sent as expected for Realm Administrators on a non-System realm.
  • Fixed a memory leak in web UI sessions.
  • Updates download progress bar width fixed to remove unwanted horizontal scrollbar.
  • Changed several message template text items where ‘login’ is now the more correct ‘log in’.
  • Fixed Header Logo URL, which now uses the value defined in Appearance->Brand->URL
  • SSL connections with the LDAP directory connector are working again
  • If SSL Strict Trust mode is enabled, the ‘Trust SSL Certificate’ prompt now correctly saves the choice rather than prompting forever.